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Appl. Na 09/783,897 

RCE Dated July 28, 2004 

FoHowing Office Action of January 30, 2004 

Remarks/Arguments 

Claims 1-80 are pending in the instant application. In the referenced Office Action, the 
Examiner has rejected all claims under 35 U.S.C. § 102(e) as anticipated by U.S. Patent 
Application Publication 2002/0038363 Al to MacLean (hereinafter, MacLean 
2002/0038363), The earliest priority date for MacLean appears to be September 28, 2000; 
the filing date of a provisional patent application no. 60/235,973 to which it claims priority 
(hereinafter, MacLean provisional application). 

Applicant herein contends that the inventors of the present patent application conceived of 
their invention prior to the MacLean 2002/0038363 priority date, and diligently reduced it 
to practice until filing of the present application. Additionally and alternatively, Applicant 
contends that MacLean provisional application, from which MacLean 2002/0038363 
claims priority, does not disclose or enable the teachings asserted by the Examiner in 
rejecting claims 1-80 of the present application. For that additional and alternative 
argument, Applicant separately shows prior constructive reduction to practice, and prior 
conception coupled with necessary diligence, each separate showing predating the 
MacLean 2002/0038363 filing date of February 13, 2001. The attached Affidavit and 
Exhibits are identical to those filed with a Response (after final) filed on April 6, 2004, 
which the Examiner refused to consider in an Advisory Action that the PAIR system 
indicates was mailed on July 27, 2004. 

L Conception and Diligence to Predate the Earliest MacLean Priority Date: 

A 35 U.S.C. 102(e) reference may be overcome by antedating the filing date of the 
reference by submitting an affidavit or declaration under 37 C.F.R. 1.131. M.P.E.P. §§ 
715 and 2136.05. One way to antedate a reference is to provide sufficient facts to show 
conception of the invention prior to the effective date of the reference coupled with 
diligence fi-om a date prior to that reference date to the filing date of the application. 
M.P.E.P. § 715.07. 

The "invention" refers to the subject matter of the claims. The purpose of the Rule 131 
showing is to broadly establish possession of the invention. A Rule 131 declarant need 
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not necessarily show possession of the entire invention as later claimed; it is sufficient that 
he shows possession of enough to make the entire invention obvious to one of ordinary 
skill in the art. See In re Spiller , 500 F.2d 1170, 1176, 182 USPQ 614, 618-19 (CCPA 
1974). 

The attached Declaration is signed by each of the named inventors in accordance with 
M.P.E.P. § 715.04. That Declaration asserts, at numbered paragraph 2 of that Declaration, 
that the inventors of the present application conceived of their invention at least as early as 
August 29, 2000. This date predates the earliest priority date of MacLean 2002/0038363. 
Exhibit A is evidence of that conception in six, single sided and numbered pages. While 
conception by the present inventors may have been earlier than August 2000, that is the 
earliest evidence the Applicants submit at this time. 

For all Exhibits, redacted portions obliterate only personal information (employer 
personnel numbers, email addresses, phone numbers, etc.) that are not relevant to 
conception and/or diligence. Additionally, for Exhibit A only, certain redacted portions 
obliterate privileged business information that is not relevant to conception and/or 
diligence. 

Specifically, conception of the invention recited in pending claim 1 may be broadly found 
at numbered paragraphs 2 and 3 (e-commerce filter in a network) combined with #1 under 
the sub-heading "A possible start for claims:" (where the 'parties' relate to the claimed 
network components) at pages 2 and 3 respectively, of Exhibit A. Conception of the claim 
1 clause "independent of a particular electronic commerce program" is shown at page 2 of 
Exhibit A under the subheading "The solution:", where the present 'generic solution' is 
distinguished over the 'classic integrated approach' and is stipulated in several buUeted 
points as a 'Uniform policy over different e-Commerce systems'; as adaptable 'without re- 
deploying the e-Commerce systems'; and as insertable 'without the knowledge or 
participation of the e-Commerce system vendor'. These and other specific disclosures 
within Exhibit A further show conception for each of the remaining independent claims 
26, 27, 29,31,32, 62 and 70. 



3 



AppL No. 09/783,897 

RCE Dated July 28, 2004 

Following Office Action of January 30, 2004 

Applicant submits that Exhibit A evidences conception of the claimed invention in such 
detail as to clearly exceed the minimum requirements recited above from In re Spiller . 

Diligence is shown in the Declaration at numbered paragraphs 3-6 and Exhibits B through 
D. Specifically, Exhibit B is a copy of an email evidencing a meeting concerning the 
invention on September 7, 2000 (the date prior to the email of Exhibit B). Exhibit C is a 
copy of a Supplementary Invention Report in fourteen numbered pages (two-sided) 
generated in response to the meeting noted in Exhibit B. Exhibit C evidences further 
reduction to practice between September 8, 2000 and October 9, 2000. Exhibit C bears a 
stamped date of October 11, 2000, but was earlier attached to the email of Exhibit D 
which itself is dated October 9, 2000. 

Exhibit E is a copy of the first page of a letter dated October 31, 2000 whereby the 
invention was first submitted to outside counsel for the purpose of preparing a U.S. patent 
application (received on November 1, 2000). Caselaw holds that once an invention is 
submitted to an attorney for drafting of a patent application, diligence is satisfied when the 
attorney takes up work in a reasonable order. "[Djecisions (as to the order in which a 
patent attorney prepares cases) recognize that the pressure of other business on a patent 
attorney may be a sufficient excuse for delay in filing provided the attorney takes up work 
in a reasonable order..." Chisum on Patents, vol 3, ch. 10.07[4][e] (Matthew Bender & 
Co., Inc., Rel. 82-3/02). Gould v. Schawlow , 150 USPQ 634 (CCPA 1966); Rines v. 
Morgan , 116 USPQ 145, 148 (CCPA 1957) ("it is not necessary that an inventor or his 
attorney should drop all other work and concentrate on the particular invention involved; 
and if the attorney has a reasonable backlog of work which he takes up in chronological 
order and carries out expeditiously, that is sufficient."). The undersigned asserts that 
based on a personal interview, the attomey preparing the case had a reasonable backlog of 
patent cases that he took up in a reasonable order during the entire period from November 
1^^ 2000 to January 20^*^, 2001. Therefore, conception is shown by Exhibit A as being no 
later than August 29, 2000, which precedes the earliest MacLean 2002/0038363 priority 
date of September 28, 2000. Diligence is shown through October 31, 2000 by Exhibits B 
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through E, and the remaining period from October 3 1 , 2000 until filing of the application 
satisfies diligence according to the authorities cited above. 

Though not required, the Applicant submits further materials in Exhibits E through H to 
corroborate diligence during the period over which the patent application was drafted and 
formalized. Exhibit F is a copy of an email of which the lower portion recites a first draft 
patent application was sent to the lead inventor, Mr. John F. Morar, on January 20, 2001; 
Exhibit G is a copy of a letter evidencing a second draft patent application was sent to that 
same lead inventor on January 31, 2001; and Exhibit H is a copy of a letter evidencing that 
a final draft of the patent application, with formal papers, was sent to that same lead 
inventor on February 5, 2001. The filed patent application is an exact copy of that final 
draft dated February 5, 2001. Because the filed application represents constructive 
reduction to practice, the identical draft of February 5, 2001 must also represent 
constructive reduction to practice. 

The Applicant's showing of conception and diligence is summarized in the following 
table: 



Reference 


Dates 


Activity 


Asserted showing 


Exhibit A 


Aug. 29, 2000 


Invention Report 


Conception 


Exhibit B 


Sept. 7-8, 2000 


Meeting and Email 


Diligence 


Exhibit C 


Oct. 9-11,2000 


Supplementary Invention Report 


Diligence 


Exhibit D 


Oct. 9, 2000 


Email with Exhibit C attached 


Diligence 


Exhibit E 


Oct. 31 to 
Nov. 1,2000 


Invention sent to outside counsel 
for drafting of patent application. 


Diligence 


Exhibit F 


Jan. 20, 2001 


First draft sent to inventors 


Diligence 


Exhibit G 


Jan. 31,2001 


Second draft sent to inventors 


Diligence 


Exhibit H 


Feb. 5,2001 


Final draft sent to inventors 


Reduction to Practice 


Application 


Feb. 15,2001 


Application filed with US PTO 


Reduction to Practice 



Applicant notes that the above reveals only two time periods wherein a month or more 
elapses without separate documentation as to diligence. Both periods are after the date the 
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invention materials were submitted to outside counsel for drafting of the application, and 
are therefore moot in view of the above-cited authority concerning the necessary showing 
of diligence during that period. Regardless, diligence during each period is independently 
corroborated as follows. 

As to the period Sept. 8 to Oct. 9, 2000, the period ends with the email of Exhibit D to 
which was attached the Supplementary Invention Report of Exhibit C. Exhibit C itself 
evidences a compilation of work performed over a period of time commensurate with the 
content of Exhibit C, and therefore proves diligence for a period of time commensurate 
with the work reflected in the materials, and not merely the date the completed 
supplementary report was electronically sent. As to the period between Nov. 1 , 2000 and 
Jan. 20, 2001 between the dates of Exhibits E and F, the first draft mailed January 20, 
2001 evidences a body of work culminating in the first draft that was merely mailed on 
that date but evidencing work over a period of time commensurate with its scope. That the 
drafting attorney theoretically might have taken up work in a different order and 
concentrated on the particular invention involved (absent competing evidence as to 
backlog or reasonableness of the order in which work was taken up) is expressly contrary 
to the above-cited caselaw. 

The Applicant hereby asserts that the attached Affidavit, Exhibits A through H, and the 
above assertion of the undersigned based on a personal interview with the drafting 
attorney, evidences conception of the invention prior to the earliest MacLean 
2002/0038363 priority date, and diligence from prior to that earliest priority date to 
constructive reduction to practice, the filing of the patent application on February 15, 
2001. 

2^ The MacLean Provisional Application Does Not Disclose Or Enable an Electronic 

Transaction Filter, and the Showing Predates the MacLean 2002/0038363 Filing Date: 
In the alternative, should the Examiner rule insufficient the above showing of prior 
conception and diligent reduction to practice. Applicant asserts that relevant and 
substantive portions of MacLean 2002/0038363, asserted as anticipatory in the outstanding 
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rejection, are not disclosed in or enabled by the Mac Lean provisional application. 
M.P.E.P. § 2136.02 requires that "subject matter not included in the patent or application 
publication itself can only be used when the subject matter becomes public." While 35 
U.S.C. 102(e) provides that the 'pubhc' date of a reference may be considered its filing 
date, in the present instance, only the subject matter of the cited MacLean 2002/0038363 
that finds enabling support in the MacLean provisional application is entitled to the earlier 
filing date of the provisional (September 28, 2000). This mirrors the requirement of 
M.P.E.P. § 2136.03, part IV, wherein the filing date of a parent application may only be 
used as the priority date under 102(e) only if that parent application supports the claims of 
the issued child application; matter that is new in a subsequent application does not carry 
the priority date of a previous application fi:om which benefit is claimed. 

Exhibit I is a copy of the MacLean provisional application from which MacLean 
2002/0038363 claims priority, as provided by the US PTO. At page 3 of the outstanding 
Office Action, the Examiner recites that MacLean 2002/0038363 discloses: inputting the 
electronic commerce transaction to an electronic transaction filter . . . for enabling the filter 
to interpret at least one characteristic of the transaction in a manner that is independent of 
a particular electronic commerce program that originated the messages and message data. 
Assuming arguendo that MacLean 2002/0038363 does disclose and teach the above, those 
teachings are not disclosed in enabled by the MacLean provisional application, and 
therefore constitutes new matter not entitled to the priority date of the MacLean 
provisional application. 

First, the MacLean provisional application fails to include any drawings where necessary 
to understand the subject matter, as required under 35 U.S.C. § 113 and M.P.E.P. § 
608.02. ("The examiner should require drawings in almost all such instances."). This 
represents a lack of enablement in itself. Second, the MacLean provisional application is 
not seen to include disclosure concerning an electronic commerce filter or its specific 
claimed characteristics. This represents a lack of disclosure. It appears that all references 
to filters in MacLean 2002/0038363 constitute new matter over the MacLean provisional 
application. Thus, any disclosure and/or teaching in MacLean 2002/0038363 that relates 
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to electronic commerce filters is not entitled to the earlier provisional filing date of 
September 28, 2000, but rather carries a priority date no earlier than February 13, 2001, 
the filing date of MacLean 2002/0038363. 

For the present application, the showing detailed above in section 1 recites that the final 
draft of the present application was prepared no later than February 5, 2001 (Exhibit H); 
and that final draft was later filed unchanged. Applicant's first argument concerning 
section 2 of this paper is that the draft sent on February 5, 2001 for inventor execution of 
the Oath represents constructive reduction to practice, because it is identical to the 
application filed on February 15, 2001. The ten-day period fi-om February 5 to filing of 
the application on February 1 5 was occupied by review of the final draft by each of the six 
named inventors, procuring each of their signatures on the Oath and Assignment, and 
submitting the executed formal papers to the drafting attomey for filing. The draft of 
February 5, 2001 is eight days prior to the earliest MacLean disclosure that the Examiner 
cites as anticipatory, so no showing of conception or diligence is required. See 37 C.F.R. 
§ 1.131(b) and M.P.E.P. § 715.07, Part III, sub-paragraph (A). 

Applicant's second argument concerning section 2 of this paper is that conception and 
diligence are shown from prior to the earliest date that MacLean discloses what the 
Examiner cites as anticipatory until filing of the present application. As detailed above, 
conception is shown at least as early as August 29, 2000 (Exhibit A), and is hereby 
asserted as also shown the final draft dated February 5, 2001 (Exhibit H, the draft itself 
being identical to the application as filed). Diligence need only be shown from a period 
immediately preceding the asserted anticipatory disclosure until filing of the application. 
See 37 C.F.R. § 1.131(b) and M.P.E.P. § 715.07, Part III, sub-paragraph (C). For this 
argument, the period over which diligence must be shown is from before the critical date 
of February 13"^ (the MacLean 2002/0038363 filing date) until the filing date of the 
present application, February 15, 2001. Exhibit H shows diligence (and conception) on 
February 5, 2001, which precedes the critical date by eight calendar days. February 10-11, 
2001 fell on a weekend, leaving eight business days between February 5^*^ and the filing 
date of February 15, 2001. Applicant asserts it is diligent for six separate inventors to 
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each review a final draft patent application, each execute an Oath and Assignment, and the 
representing attorney to file the application, within eight business days. 



In summary. Applicant asserts in section 1 of this paper that no teachings of either 
MacLean 2002/0038363, or the MacLean provisional application, are valid prior art 
against the present application. By two separate and independent arguments, Applicant 
asserts in section 2 of this paper that no teaching concerning filters of the MacLean 
2002/0038363 reference are valid prior art against the present invention. 



In light of the above arguments, Applicant respectfiilly requests that the Examiner 
consider MacLean 2002/0038363 as not valid as prior art against the present application, 
and pass claims 1-80 to issuance without further delay. Applicant invites the Examiner to 
discuss any remaining concerns, if there be any, with the undersigned representative via 
telephone at his discretion. 



Respectfully submitted: 



rerald J. Stanton ^ 



July 28. 2004 



Gerald J. Stanton ^ Date 
Reg. No.: 46,008 

Customer No.: 29683 

HARRINGTON & SMITH, LLP 

4 Research Drive 

Shelton, CT 06484-6212 

Phone: (203) 925-9400 

Facsimile: (203) 944-0245 

Email: gstanton@hspatent.com 



CERTIFICATE OF MAILING 

I hereby certify that this correspondence is being deposited with the United States Postal 
Service as first class mail in an envelope addressed to: Commissioner for Patents, P.O. 
Box 1450, Alexandria, VA 22313-1450. 

July 28. 2004 /^^^^^ OJ<£,^c^:^^i^J-<<:^ 

Date Ann't' Okrentowich 



9 



( ( 



IN THE U.S. PATENT AND TRADEMARK OFFICE 

Morar^Jote 
" February 15, 2001' " ' ' ' 
3621 

Bayat, Bradley B. * 
Docket No. : YOR920000719US1 

Title : METHOD AND APPARATUS FOR PROVIDING INDEPENDENT FILTERING 

OF E-COMMERCE TRANSACTIONS ' 



Commissioner for Patents 

P.O. Box 1450 

Alexandria, VA 22313-1450 

DECLARATION UNDER 37 CF.R. § 1.131 

1. We the imdersigned inventors, John F. Morar, Ian N. Whalley, Steve R. White, David M. 
Chess, Aaron Kishenbaum, and Edward Pring, hereby attest that we are the joint .and first 
inventors df thfe invention described and claimed in the above-referenced patent application, now 
pending before the U.S. Patent Office. Exhibits A through D described below represent bur^own 
work on the invention described in that patent appUcation during the times indicated. 

2. We conceived of the 'invention at least as early as August; 29, 2000, as\ evidenced by 
Exhibit A. Exhibit A is an Invention Disclosure prepared by John F. Moriar that sximmarizes 
'certain key concepts of the invention. Other dates noted within Exhibit A potentially evidence 
earlier dates of conception. We do not claim that the handwritten notes on Exhibit A form a part 
of the Invention Report as it existed on August 29, 2000. J - 

3. _ From at least August 29, 2000 through February 15, 2001, we continued to reduce the 
invention to practice, as evidenced by Exhibits B through D and the fixfther statements below. 
Exhibit B is a copy of an email dated September 8, 2000 from David Shofi of IBM to each of us, 
concerning a meeting between the inventors and him that occurred on September^?, 2000. That 
email and meeting recite that the invention was to be the subject of a patent application, and set 
forth more detailed disclosure that the inventors would develop toward that end. 

4. Exhibit C is a copy of a Supplementary Invention Report that we prepared in respohiS to 
the email of Exhibit B and the meeting noted in that email. 

5. ' Exhibit D is a copy of an email dated October 9, 2000 from inventor John F. Morar to 
David Shofi, noting an attachment entitled '"¥91 Filtering e-commerce transacti". That 
attachment was identical to Exhibit C above. 
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6. To the best of our recollection, we received and commented on draft patent applications 
during January, 2001; we agreed to a final draft of a.patent appUcati^^^^ 

aad we each signed a declaration concerning that final diraft .durm 2001. ! j v 

7. Each of the redacted portions of Exhibits A through D do not relate to the inventive 
substance of the invention. 

8. Each of the undersigned inventors hereby attests that the Exhibits cited herein are true 
copies of the original documents asserted above. Each of us hereby acknowledges that the 
statements made herein are true or are made on information and belief that is believed to be true. 
I fiirther acknowledge that any willftil false statements are punishable by fine or imprisonment, 
or both, in accordance with 18 U.S.C. § 1001; and that such false statements may jeopardize the 
validity of any patent that may issue form the appUcation to which this Declaration pertains. 



Respectfully Submitted, 




David M. Chess 



Aaron KisbeHbaiiHar ytoiifi^bf^^ 




Notary Seal and date: 
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Main Idea 



Method and apparatus for independent filtering of e-CJommerce transactions 



1. Describe your invention, stating the problem solved (if appropriate), and indicating the advantages of 
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using the inverrtion. 

The problem: E-Commerce systems typically have a policy for allowing transactions to proceed to 
conpletion. This policy may either be static (in that it is hard wired into the system) or dynamic in that it 
can be updated without redeploying the application. In either caise. policies must be compatible with the 
deployed e-commerce system they are associated with. Frequently, there will be transactions that are 
allowed by the system even though the system operator/owner would not approve. 



The solution: This invention provides a method for enforcing additional constraints, thereby allowing the 
system owner/operator to extend the functionality of the system without the knowledge or assistance of 
the original system provider. It provides a generic nr^eans for blocking or modifying in-progress 
e-commeroe transactions by intercepting, examining and possibly nx>difying one or more of the 
messages that constitute the transaction. The generic solution described here has several advantages 
over the classic integrated approach. 

• Uniform policy across different e-Commerce systerns. 

• Ability to update the policy with artDitrary new code without re-deploying the e-Comnrierce systems 

• Ability to insert custom and proprietary fitters without the knowledge or participation of the 
e-Commerce system vendor, 

• For instance, enforce policy such as usage of a prefemed supplier for airiine ticket purchases. 

• Inplement a custom approval/audit policy that is consistent across e-commerce systems. 

• Ability to btock certain transactions that you do not wish to be active on your systems. 

• Masquerade the transaction so as to hide some source infomfiation from the vendor fulfilling an order. 
For instance, suppose a company employee wishes to electronically purchase software that is 
downloaded electronically. Masquerading could hide all information about the specific employee from 
the vendor while allowing the transaction to complete. 

In addition, this solution is well suited to provkling protection against the following risks that are inherent 
in any e-Commerce environnDent; 

• Users may intentionally attenpt to perform transactions that are allowed by the e-Commerce systerii 
but of which his employer would not approve. 

• Users may accidentally attenpt to perform transactions that are allowed by the e-Commerce system 
but which they did not intend. 

• Unauthorized programs may attempt to perform transacttons order under the auspices of a valid user. 

• Unauthorized users may attempt to use the system. 

• Legitinrrate programs may have undesired behavior that should be blocked. 



2. How does the invention solve the problem or achieve an advantage.{a description of "the invention", 
including figures inline as appropriate)? 

One embodiment of this Invention would be software that inserts itself between all applications and the 
networking layer that Is used to transport e-commerce traffic. This software would examine noessages 
that pass through it and selects messages that are part of standard e-commerce transactions. The 
software would then examine them and analyze them for specific characteristics. If the analysis results so 
indicate, the message could be blocked or modified in a way that will enforce the policy that applies to the 
analysis results. The software could also take additional actions such as alerting, directly querying the 
user, logging resutts, etc. 

3. If the same advantage or problem has been identified by others (inside/outside IBM), how have those 
others solved it and does your solution differ and why is it better? 

Current solutions for policy enforcement are included as integral parts of an overall e-comnmerce 
offering. This solution offers a generic method to add enhanced filtering to e-comnmerce systems that are 
already deployed. Since this system could potentially cover all the installed e-commerce systems at a site 
there would be additional advantage in updating the system in real time. 
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4. If the invention is implemented in a product or prototype, include technical details, puipose, disclosure 
details to others and the date of that Implementation. 

Distinguishing factors: 

• Installed as an add-on that can work with standards based e-commerce which we expect to bi 
ubiquitous in the fixture. There are currently no products like this and we have not heard such 
products discussed. 

• Policy can be applied across e-commerce offerings 

• Separates the e-commerce policy vendor from the e-commerce function vendor thus defining 
a new business category which we hope to be able to describe as a business methods patent. 

Random points: 



1 . A subsystein interposed between two or more parties that intercepts e-coinmefce transactions 
and takes actions based upon the properties of the e-commerce transaction; where the 
presence of the subsystem does not require any changes to the protocols used by the parties. 

2. A system as in daim (1 ) where the subsystem interposed between two or more parties includes one 
or more software components that identifies e-commerce transaction related traffic even when other 
traffic Is paissing between the parties. 

3. A system as in daim (1 ) where the subsystem interposed l>etween two or more parties indudes one 
or wore software components that deduces what if any action should be taken in connection with an 
e-commerce transaction arriving at the subsystem. 

1 . A system as In daim (3) where the action is deduced in part or whole by applying predefined 
rules to the contents of one or more messages that comprise an e-commerce transaction. 

2. A system as in daim (3) where the action is deduced in part or whole by applying predefined 
mtes independent of the contents of any messages that conprise an e-commerce transaction. 

3. A system as In daim (3) where the adion is deduced by applying predefined rules based entirely 
on the origin or destination of one or mors messages that comprise an e-commerce transadion 

4. A system as In daim (3) where the adion is deduced by supplying another software subsystem 
information and receiving a reply. 

5. A system as in daim (3) where the adion is deduced by interading with a human 

4. A system as in daim (1 ) where the subsystem interposed between two or more parties indudes one 
or more software components that modifies e-commerce transactions arriving at the subsystem 
before it is passed to the intended party. 

5. A system as In daim (1) where the subsystem interposed between two or more parties indudes one 
or more software components that does not pass a received message to the intended party. 

6. A system as in daim (1 ) where the subsystem interposed between two or more parties indudes one 
ormore software components that pass a received message to a different party than the intended 
party. 

7. A system as in daim (1 ) where the subsystem interposed between two or more parties indudes one 
or more software components that pass a received and modified message to a different party than 
the intended party. 

8. A system as in daim (1 ) where interposed is interpreted to mean that the subsystem is comprised in 
part or entirely of a software layer inserted between two existing software layers such that the 
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preexisting software layers continue to operate properly in the event the subsystem takes no action. 
9. A system as in claim (1 ) where interposed is interpreted to mean that the subsystem is comprised in 
part or entirely of a software object inserted between two existing software objects such that the 
preexisting software objects continue to operate properly in the event the subsystem takes no action. 

1 0. A system as in daim (1 ) where interposed is interpreted to mean that the subsystem is comprised in 
part or entirely of a software component inserted between two existing software components such 
that the preexisting software components continue to operate properly in the event the subsystem 
takes no action. 

11. A system as in claim (1 ) where parties is interpreted to mean any software that represents a person 
or institution that has the ability to transfer goods, services or money. 

1 2. A system as in claim (1 ) where parties is interpreted to rpean any software that represents a person 
or institution that has the ability to transfer goods, services or money. 

13. A system as in claim (1) where e^ommerve transaction is interpreted to mean any message traveling . 
between any of the parties related to the transfer of goods, services or money. 

14. A system as in daim (1) where e-co/nmeAce^ansacf/b/7 is interpreted to niean any 00^^ 
messages traveling between any of the parties that together enable the transfer of goods, services of 
money. 
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Patent Value Tool (Optional - this may be used by the inventor and attorney to assist wKh the evalu 

(The Patent Value tool can be used by you or the evaluation team to detemiine the potential licensing 
value of your invention.) 

The Patent Value Tool has not yet been used to calculate a score. 
Post Disclosure Text & Drawings 
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David Shofi 
09/08/2000 08:41 AM 



To: 



JohnFMorar/V R^^^t:^^ ' i Ian N Whallev/^ B^'*-^^*^ ( Steve R 
White/ W-^^^ jl David M Chess/^ !. Edward Pring/. 



Aaron KershehbaurhA ^k^c^t^ 



cc: 



From: David Shofi/» ^^-^^t^, / 

Subject: Disclosure YOR8-2000-6738 "Method and Apparatus for Independent Rltering of E-Commerce Transactions" 



The above disclosure has been rated FILE. 

Please refer to the above disclosure number in all correspondence relating to this matter. 

As we agreed at the invention disclosure meeting yesterday. John (as lead inventor) will complete a written, detailed 
description of a prefen-ed embodiment of the invention, including at least a system block diagram and a flow diagram. 
Remember to incorporate the alternate business method emlxxJiments that we discussed with or without drawings. 
Please send the ennbodlment to me In WordPro format, If possible (and the drawings In freelance if possible). 

Please fonvard to me any information that may have a bearing on the patentability of your invention, including prior art 
publications by you or others. 

I understand that there have not any public disclosures, offers for sale or other acth^ltles which would bring about 
a bar to filing an application nor are any expected. If this changes, please let me know ASAP! 

In order to guarantee filing of a patent application by the IVIarch 31, 2001 Business Method Incentive deadline, 
please provide me with the embodiment by November 30, 2000. 

Call me if you have any questions. 



david 



David M. Shofi 

Inteilectual Property Attorney 

T.J. Watson Research Center, YprWpwn 
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Introduction 

E-commerce environment 



The typical network administrator must support many different products in his 
networked environment. This is particularly true when it comes to applications that 
perform e-commerce transactions. Products that perform e-commerce transactions 
typically have their own administrative controls, if they have any administrative controls 
at ail- The availability of an add-on policy system that could monitor e-commerce 
transactions and enforce policy simultaneously for multiple products would provide 
significant value. This invention addresses that need by describing a means of interposing 
new policy components between existing system components. Hie step of interposing the 
new policy component requires knowing the interface specification between the 
components at the point of insertion. 

Although not there yet, the industry is currently driving towards the adoption of 
publicly available standards for the interaction between the major software components 
involved in e-commerce transactions. The trend in the industry now and in the expected 
fiiture is for software vendors to provide system components that must work together. 
Publicly available standards are believed to be the best way to achieve reliable and proper 
inter-operation between components provided by different vendors. The' availability of 
publicly available standards will increase the value of this invention, however, all that is 
iiecessary for implementing this invention is access to the interface specification, 
however obtained. In order to demonstrate the principles behind the invention we 
concentrate' on a typical configuration used by e-cbnm 

implementation does not depend on the number, or detailed nature of the components. 
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Figure 1 illustrates a likely sequence of interactions between software 
components used to cany out an e-commerce transaction. 
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A typical e-commerce transaction might involve the sequence of software 
components diagrammed in figure 1 . The top left box in the stack labeled 
User/automated process 1 represents a person or computer program that is specifying 
the nature of an e-commerce transaction. Specifying the nature of the transaction could be 
accompUshed by anything firom selecting options in a user interface to programmmg an 
automated agent to exercise a programmatic interface. E-commerce program 1 
processes this information and places it into a known form. A known form contams data 
encoded accordmg to a specification such that other programs capable of applymg the 
specification to the known form can meaningfiilly process the data. There may Je inore 
than one specification available and therefore more than one known form used by the e- 
commerce program. E-commerce program 1 transfers this information to 



Figure 2 fllustrates a network of seveial complete e-commerce capable instaUations thereby providing a more 
realistic model of the real world. / . 

commumcations system IwMch in turn sends the information to the commu^^ 
interface of another e-commerce program. The communications may pass through a local 
network and then over a more extended network such as the Memet. The information 
may be transformed several times in transit. The details of how the known form is 
deUvered to the Communications system 2 are not important for this example. 
Communications system 2 deUvers the known form to E-commerce program 2, which 
ultimately interprets the known form. In practice, the activity illustrated m this diagram is 
repeated many times over, where the e-commerce programs could be provided by many 
different vendors and be deployed in many different locations. Furthermore, transaptions , 
could potentially flow either direction. Figure 2 illustrates a more realistic model for the 
current e-commerce environment. 

Figure 2 shows a configuration composed of four distinct users (User 1 through 
User 4) and three automated e-commerce processes (Auto 1 through Auto 3). An 
example of an automated process would be an e-commerce store that supports electromc 
purchasing. In the example shown in Figure 2 each e-commerce stack employs different 
e-commerce programs that may have each been written by a different vendor. For the 
purpose of illustration, each communicatioiis system (Comm. 1 through Comm. 7) is 
assumed to be different from the other communications system. Assuming both User 1 
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and User 2 employ graphical user interfaces to interact with E-comm 1 and E-comm 3 
respectively there is no reason to expect that the user interfaces will be the same or even 
similar. Analogously, if Auto 1 and Auto 2 are interacting with E-comm 2 and E-comm 
4 programmatically, there is no reason to expect the programmatic interfaces to be the 
same or similar. However, under the conditions specified at the beginning of this 
document, all of the e-commerce programs produce one of the known forms that can be 
processed by any other e-commerce program that supports the same specification. 



E-commerce filters 

This invention involves interposing new software components between one or 
more of the software components shown in the above figures. These new software 
components would only be interposed where the data is cast in a known form that enables 
the interposed software to interpret all or some of the characteristics of the e-commerce 
transaction flowing through it. For illustrative purposes, Figure 3 indicates some of the 
positions (with diamond shapes where new components could meaningfully be 
interposed 



j ased on the s cenarios used to d evelop the e a rlier figures . 




Figure 3 shows potential locations for interposing software components that analyze e-commerce information, 
possibly taking action based on the processing results. The diamond shapes (<S>) represent new software 
component called a filter that is interposed between software components that process e-conmierce transaction 
infomiation. 



The interposed software components (hereuiafter referred to. generically as 
"filters") have the potential to analyze the e-commerce traffic passing through them and 
possibly take action based on the results of the analysis. In spite of the fact that the filters 
appear at different levels of the cormnunications hierarchy, they have the potential for 
extracting equivalent information. For example, a filter interposed between E-com 1 and 
Comm 1 could (in this example) do the same analysis as a filter interposed between ^ 
Comm 1 and the Local Network. Although any analysis of the e-commerce transactions 
could be performed, this invention anticipates tiiose analysis will fall into two categories, 
analysis for the purpose of collecting information across some administrative domain and 
analysis ptirsuant to enforcing a policy for some administrative domain. The 
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administrative domain could be a single machine, a single user who could appear on 
different machines, a collection of users or machines or any combination thereof 

Policy administration 

In the currently available environment, policy and the collection of e-commerce 

S^^mp^^^ctpmSm 
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Figure 4. Multiple administration programs are typically needed to set poUcy for and collect information from e- 
conimerce programs provided by different vendors. - 

transaction information may be enabled within either the User/automated process 
cbmponents or the e-commerce program, hi Order to collect equivalent data or enforce 
uniform policies across an administrative domairi, one would heed to either find a single 
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administrative program that can provide the equivalent administrative capabiHties for 
software from three different vendors, or perform administrative fimctions with three 
different administration programs for the three different products. The later case is more 
likely and is illustrated in figure 4. 

Consider the case where administrative capabilities do exist in the user/automated 
process components or the e-commerce programs. In a multi-product environment, those 
capabilities can only provide consistent coverage across an administrative domain when 
each product supports similar administrative capabilities, hi the general case, in which the 
administrative domain contains different products (perhaps from different vendors), 
administrative capabilities will be specific to each product or vendor and will not enable 
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Figure 5. A e-commerce based filter controlled by ^n administration program is interposed umformly aoross an 
administrative domain at the interface between the e-commerce program and the commxmications system. 



uniform capabilities across the domain. Of course, even if similar administrative 
capabilities are available from all products, it may not be practical to apply a uniform 
policy across all of the e-commerce programs. For instance, the desired policy may be to 
enforce limits for certain operations v/ithin the administrative domain (e;,g. the total 
amount of money spent), hi the scenario illustrated in figure 4, this would be difficult or 
impractical since the administrative programs do not share information between them so 
no single program gets an overall view of the administrative domain. 

In this invention we approach providing comprehensive and imiform coverage 
across an administrative domain by adding a e-commerce based filter (as illustrated in 
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Figure 3) across a layer of the e-commerce based e-commerce stack. One possible 

implementation of this concept is illustrated in figure 5. 

The known form of the information allows it to be analyzed independent of the 

particular e-commerce program from which it originated hi cases where e-commerce 
transaction information is being collected, the information can be accumulated based on 
the laiown form of the e-commerce transaction data and therefore traffic originating from 
different e-commerce programs can be combined. Similarly, enforcement of policies 
specifiable at the e-commerce transaction level can be evaluated seamlessly across e- 




Figure 6. A e-commerce based filter may also be interposed uniformly across an administrative domain between 
:=the communications system and the local networic • 

commerce products, even if they come from different vendors. Figure 5 illustrates but 
one possible configuration for using e-coinmerce based filters uniformiy across a 
heterogeneous administrative domain. Figure 6 illustrates another configuration in which 
e-commerce based based filtering could potentially be accomplished. As anticipated by 
figure 3, e-commerce based based filtering could also be carried out at the interface with 
the extended network as is illustrated in Figure 7. 
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Figure 7. A e-commerce based filter may also be interposed uniformly across an aciministrative domain between 

The impact of cryptographic technologies 
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Cryptographic technologies are widely employed in e-commerce transactions for 
identifying the source of messages, verifying their authenticity and hiding their content 
from unauthorized people or programs. In some system configurations, cryptographic 
technologies will limit the ability of filters to analyze or modify data in the known form. 
However, there are many system configurations that provide cryptographic protections' 
without preventing the proper operation of filters. Using the same illustrative architecture 
as in figures 2 through 7, figure 8 illustrates a popular system configuration in which 
cryptographic techniques are used to provide a secure private tunnel through an insecure 
public network. In this case, the filter shown in figure 8 would not be limited by the 
encryption used to construct the secure private tunnel. 





Figure 8 Cryptographic technologies maybe used to conne ct two priv ate local networks via a secure "tunnel" 
through a pubUc network, Ulustrated here by a shaded pipe I Hnm This does not interfere with an e-commerce 
based filter interposed between the local network and the extended network (or indeed at any higher layer). 



In the systems where data encryption is introduced in the communications 
component, a filter located at a gateway (as shown in figure 8) may not be able to 
meaningfully process the known form. In order to meaningfully process encrypted data, 
the filter would require access to the decryption key, which is contrary to most security 
policies. This siniation is illustrated in figure 9. One way of avoiding the situation 
illustrated in figure 9 is to position filters at the e-commerce program / communications 
component boundary as is illustrated in figure 10. The configuration illustrated in figiire 
1 0 has the advantage of working seamlessly with m^iy forms of session layer 
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cryptography, such as Secure Sockets Layer (SSL) services. SSL is a popular method for 
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Figure 9 shows the path.of encrypted data when the encryption is performed within the communications layer. 
Note: the filter component illustrated in this figure could be moved higher in the stack (as in figure 10), or the filter 
could be given access to the decryption key. 
including encryption and authentication into e-cormnerce systems. 
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Figure 10. When ciyptograpluc teclmology is used to coimect^^^ 

it does not interfere with a e-commeice based filter interposed between the e-commerce programs and the 
communications systems. 

Filtering in the presence of cryptography 

Cryptographic technologies are akeady widely used with e-commerce transactions, and 
this trend is expected to continue as the industry grows. Therefore, e-commerce based 
filters will have to operate in the presence of cryptography. 

E-commerce transactions may flow through a wide variety of cryptographic technologies, 
so e-commerce based filters need a variety of strategies for operating in their presence. 
Such strategies include but are not limited to the following: 

• The e-commerce based filter may be interposed above the components that 
implement the cryptographic technology. Figure 8 and Figure 1 0 illustrate this 
strategy, which is appropriate when the administrator has some flexibility in 
choosing where to interpose the filter. 

• The e-commerce based filter may be given the keys necessary to encrypt and 

decrypt the messages flowing through it. Figure 9 illustrates this strategy, which 
is appropriate when the filter has access to the key(s) necessary to decrypt the 

data. 



Page 10 of 14 



IBM Confidential - Disu.L^^re YOR8-2000-0738 "Method and Apparatus 'v (dependent Rlterlng of E- 

Commerce Transactions" 



• A e-commerce based filter may include two cryptographic proxies, paired with 
the communications programs at each end of a secure "session". Each proxy 
connects to one of the communications programs and plays the role of the other 
commimications program in the cryptographic protocols they use, thus forming 
two separate secure "sessions" with the filter logic between them. Figure 1 1 




Figure 1 1 . When cryptographic technology is used to connect two communications systems via a secure 
"session", it does not interfere with a e-commerce based filter that includes cryptographic proxies. 

illustrates this Strategy, which is appropriate when asynm 
as public-key) cryptographic technologies are used. 
• A e-commerce based filter may be given a key that can be used to decrypt only 
part of the message as when the communications are encrypted with multiple 
keys, where one of the keys is provided to the filter. Figure 9 illustrates this 
strategy. 

Filter capabilities 

Filters can be programmed to reconstruct transactions even if the transaction is 
broken up into muhiple pieces. This can be accomplished by providing persistent storage 
in the filter that associates the appropriate pieces in order to build a complete picture of 
the transaction. Using such technology, filters can potentially know the transaction 
.parties, timings, and specific details such as quantities and part numbers. It will also be 
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possible in some cases for the transactions to be modified by the filtere so as to create 
new functionality in the system or enforce specific policies firom within the filters. 

Business related capabilities 

There are four fimdamental classes of activity that are enabled by the invention: 

1. Rerouting transactions . 

a. Automated bimdling 

b. Offer transaction to third party 

2. Modifying transactions 

a. Blocking transactions 

b. Stalling transactions 

c. Alerting on selected transactions or situations 

3. Recording transactions 

4. Generating new transactions 

a. Ordering related goods 

b. Ordering related services 

Business models 

• Immune system mbdel: Collect information from subscril:»ers ina way tiiat j v^r 
appropriately protects the customer's privacy. Centrally analyze the datai in order 
to detect unacceptable transactions and then in response, possibly in real time, 
distiribute identificdion i^^ subscribers filters that can Wock or S^^^^^ 

detected transactions. . , : 

• Build a security team tiiat is responsible for staying current oii the late breakmg 

Intemet-based scams. The security team would learn how to identify the: scam:^y 
analyzing the transactions that are used to carry but the scam. The identification 
technology could be supplied to subscribers as updates to' their filters. When a ^ 
filter running at a customer sited identified a scam related transaction the security 
company could provide value added services such as obtaiiiing JegaUy relevant : 
information for future prosecution. 

• A third party transaction recording company. The transaction record repository 
company installs filters across a subscriber's organization in order to collect a 
record of tiie transactions undertaken by the organization. These filters encrypt the 
transaction information and send it to tiie third party repository. The repository 
time stamps the transaction history and archives it for a period of time. The 
repository company would not be able to interpret the encrypted data. 

o The subscriber company could encrypt with a public/private key pair (a,b) 
and could then throw away the private key(a) (or claim to have throvra it 
away when in court). Then no-one would be able to decrypt the data in the 
repository, however, if the subscriber wanted to legally prove that a 
particular transaction took place at or before the repository time stamp, ; 
they could recover the data firom their own archive, encrypt the data with 
the public key (b) and show that it matched the encrypted data in the 
archive. This solves the often-mentioned problem wifli having a third 

party hold your business data. When a government entity attempts to get at 
archived data held by a tiiird party the typical response of the third party is 
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to immediately mm over the data, whereas, when companies are asked to 
turn over their data, they typically find a way to either not comply or 
partially comply in a way that will protect their information, 
o The subscriber company could encrypt with a symmetric key and hold the 
key so only the holder of the key would be able to decrypt the data in the 
archive. 

• Sell filter based heuristics for detecting potential e-commerce scams as a 
subscription service. The power of filter-based heuristics would be greater than 
heuristics implemented within a single product since they would have information 
from an entire administrative domain to analyze. 

• Sell a subscription service that keep up with changing export laws, tax laws etc. 
and provides these as intelligence in filters that monitor/enforce compliance. 

• A third party vendor provides filters to a customer. After installing the filters, the 
customer would search for the best deal they could find and then execute a 
purchase transaction. The filter would intercept the piurchase transaction and offer 
the third party vendor the opportunity to supply the product or service at the 
discovered price. The third party vendors could then re-direct the order to 
themselves. There could be a variety of incentives provided to the customer by the 

V third party vendor in order to obtain the business, such as an overall discount 
provided to the company at the end of the year based on the total amoamt of 
business transacted. 

• A service that audited the filter policies and certified them as in compliance with 
some standard, consistent with best practices etc. 

• Subscription service that provides additional security checks before a transaction 
can be completed. For instance, extend the certification/authentication fimction 
commonly present in e-commerce applications to include enforcing additional 
policy relative to signatures; e.g., that a person is authorized to sign in a specific 
role (purchaser, co-signer) or cross-checking information held at different sites; 
e.g., multiple banks may have to assure payment when the fimds covering a 
transaction are spread across different accoimts. 

Some claims that occurred to us; not all the text is covered by these 
claims 

(1 ) A subsystem interposed between two or more parties that intercepts e-conunerce 
transaction^ and takes actions based upon the properties of the e-commerce 
transaction; where the presence of the subsystem does not require any changes to 
the protocols used by the parties. 

(2) A system as in claim (1) where the subsystem interposed between two or more parties 
includes one or more software components that identifies e-commerce transaction 
related traffic even when other traffic is passing between the parties. 

(3) A system as in claim (1) where the subsystem interposed between two or more parties 
includes one or more software components that deduces what if any action should be 
taken in connection with an e-commerce transaction arriving at the subsystem. 

a. A system as in claim (3) where the action is deduced in part or whole by applying 
predefined rules to the contents of one or more messages that comprise an e- 
commerce transaction. 
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b. A system as in claim (3) where the action is deduced in part or whole by applying 
predefined rules independent of the contents of any messages that comprise an 
e-commerce transaction. . 

c. A system as in claim (3) where the action is deduced by applying predefined 
ailes based entirely on the origin or destination of one or more messages that 
comprise an e-commerce transaction. 

d. A system as in claim (3) where the action is deduced by supplying another 
software subsystem information and receiving a reply. 

e. A system as in claim (3) where the action is deduced by interacting with a human 

(4) A system as in claim (1) where the subsystem interposed between two or more parties 
includes one or more software components that modifies e-commerce transactions 
arriving at the subsystem before it is passed to the intended party. 

(5) A system as in claim (1) where the subsystem interposed between two or more parties 
includes one or more software components that does not pass a received message to the 
intended party. 

(6) A system as in claim (1 ) where the subsystem interposed between two or more parties 
includes one or more software components that pass a received message to a different 
party than the intended party. ^- „ 

(7) A system as in claim (1 ) where the subsystem interposed between two or more parties 
includes one or more software components that pass a received and modified message 
to a different party than the intended party. u u . • 

(8) A system as in claim (1) where interposed is interpreted to mean that the subsystem is 
comprised in part or entirely of a software layer inserted between two existing software 
layers such thcit the pre-existing software layers continue to operate properly in the event 
the subsystem takes no action. u u . ■ 

(9) A system as in claim (1 ) where interposed is interpreted to mean that the subsystem is 
comprised in part or entirely of a software object inserted between two existing software 
pbjects such that the pre-existing software objects continue to operate properly ih the 
event the subsystem takes no action. . 

(10) A system as in claim (1) where interposed is interpreted to mean that the subsystem is 
' comprised in part or entirely of a software component inserted between two existing 

software components such that the pre-existing software components continue to operate 
properly in the event the subsystem takes no action. 

(11) A system as in claim (1) where parties is interpreted to mean any software that 
represents a person or institution that has the ability to transfer goods, services or 
money. 

(1 2) A system as in claim (1 ) where parties is interpreted to mean any software that 
represents a person or institution that has the ability to transfer goods, services or 
money. 

(1 3) A system as in claim (1 ) where e-commerce transaction. \s interpreted to mean any 
message traveling between any of the parties related to the transfer of goods, sennces or 
money. 

(14) A system as in claim (1 ) where e-commerce transaction is interpreted to mean 
any collection of messages traveling between any of the parties that together enable the 
transfer of goods, services of money. 
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TRANSACTION MANAGEMENT SYSTEM 
Field of the Invention 

The present invention relates to transaction management systems. More 
particularly, the invention relates to methods and systems for capturing and managing 
transactions, and electronic documents related thereto, conducted in a computer 
environment. 

Backgroimd of the Invention 

The emergence of networked computing, and in particular, increasingly accessible 
networks such as the Intemet and the World Wide Web, has made possible a wide variety 
of computerized transactions and electronic conraierce. This may include one-time 
consumer transactions such as a purchase of a product online, as well as business-to- 
business transactions, and complex consumer transactions such as mortgage lending, 
insurance, licensing, and so forth. When conducted using computers, transactions may 
involve data collection, presentation of multimedia such as text, graphics, and sound, 
dynamic data generation, exchange of other data types such as facsimiles, and so forth. 

As a significant disadvantage, transactions involving significant exchanges of 
information in various formats may not be well documented, so that a party to a 
transaction may be unable to demonstrate a term or terms of the transaction that the party 
believed to be material 

There remains a need for a system that captures documents and electronic data 
associated with a transaction. 

2 

#400351 vl - TTZ-001.60 Provisional Patent Application for a Transaction Management System 



( f 

TTZ-001.60 

Summary of the Invention 

The systems and methods described herein relate to a system for documenting 
electronic transactions. The system may store any documents or data associated with a 
transaction, including dynamic content and user selections and inputs. A document 
repository may be provided for storing imstructured data representing data, text, forais, 
and so forth presented to a party during a transaction. A viev^er may be provided for 
displaying data stored in the document repository. 

Detailed Description of Certain Embodiments 

The description below pertains to several illustrative embodiments of the 
invention. Although many variations of the invention may be envisioned.by one skilled in 
the art, such variations and improvements are intended to fall within the compass of this 
disclosiu-e. Thus, the scope of the invention is not to be limited in any way by the 
disclosure below. 

A transaction management system may include a server, such as a Web server, 
that presents pages to client devices over a network. A user at a cUent device may enter 
data, navigate to different pages, and so forth. The server may include a software layer 
that can capture documents presented to the client device, and that can capture user input . 
from the client device. 

The software layer may reside, for example, between a presentation layer and any 
appUcation logic layers within the server, so that any content presented to the cUent 
device may be captured. This may include static content or dynamic content, and may 
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include, for example, HTML, XML, media such as audio, video, animation, and graphics, 
as well as database query results however formatted, and so forth. Even where external 
content is included in a page, such as targeted advertisements, the actual advertisements 
presented within a page may be captured and stored within a transaction history. The 
software layer may also reside outside the server, either between the presentation layer 
and the network, or between a firewall and the network. It will be appreciated that, where 
secure communications are employed, the software layer may further include encryption 
and decryption processes as appropriate to maintain secure coimections between 
components of the system. 

The software layer may additionally capture user input from the client device. For 
example, activation of controls such as checkboxes, radio buttons, scroll boxes, drop- 
down lists and the like may be captured. Entries into text boxes and navigation through 
hyperlinks may be captured, as well as any files uploaded or downloaded by the client 
device. 

The software layer may include one or more triggers to control activation and de- 
activation of transaction capture. For example, the software layer may be activated when 
a user navigates to a specific page, or activates a button within a page, or performs some 
other action. By controlling operation of the software layer with triggers, captured data 
and documents relating to a transaction may be stored without continuous logging of all 
server activity. 

The software layer may capture data and store the data in a document repository, 
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The document repository may provide a hierarchical system of folders for client devices, 
users, and/or specific transactions. Within each folder may be stored any data relating to 
a transaction, or more generally, any data provided by the software layer. The data may 
include application data, such as docimients for appUcations such as word processing 
programs, spreadsheet programs, database programs, computer automated design 
programs, and so forth. The data may also include page data such as HTML, XML, 
forms, scripts, and the like. Other types of data may also be supported, including media 
such as audio files and messages, video files, e-mails, text, print streams, screen captures, 
EDI, portable document format,' ASCII, and facsimile data. Optical character recognition 
or other techniques may be included for textual interpretation of non-text-based fomiats. 
The software layer may further capture any authentication data including passwords, 
digital signatures, credit card numbers, keys for secure communication, and so forth. It 
will be appreciated that, under certain privacy constraints, some data that may be 
available for capture will expUcitly not be captured by the system. 

The document repository may reside on a remote network device, accessible to 

the software layer and docimient viewers through an interface such as a Web server. The 

docxunent viewer may use, for example, one or more API's to interpret various types of 

media for display or searching. Each document, item of data, or other media captured 

during a transaction may be time stamped so that the document viewer may be used to 

view a complete transaction including the order in which all items were viewed and user 

inputs provided. Each document may be interpreted and searched in its native format so y 

that, for example, facsimiles may be searched and viewed by individual page, print 

streams may be searched for graphical, or alphanumeric content, and so forth. The 
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document viewer may provide additional functionality, such as editing documents in 
native formats, zooming and paiming within documents, and annotating docimients 
within the viewer without storing annotations in the document itself. 

In one aspect, the transaction management system may be used in a method of 
doing business to confirm transactions and resolve disputes relating to a transaction. In 
one such application, a user may provide the software layer on a local client device or 
within a local area network, gateway, or other network component used by the , client 
device to connect to a network such as the Internet. In another such appUcation, the user 
may navigate to a remote site that may provide the software layer for capturing 
transaction data while connecting to a site on which a transaction is to be conducted. In 
another such appUcation a server hosting the transaction, such as a retailer or service 
provider, may include the software layer. 

In one method of doing business, an independent third party may provide a server 
for capturing transactions. The server may be accessed by any buyer or seller, for a fee, 
in order to capture a transaction. The server may, upon request, establish a connection 
with the seller and a coimection with the buyer, and transfer network traffic between the 
two parties while capturing data in an internal software layer such as that described 
above. Should there be any dispute after the transaction is concluded, reference may be 
made to the captured documents, which will provide all details exchanged, and the order 
m which they were exchanged, prior to completion of the transaction. This may include 
information of relevance to buyers and sellers alike, including legally binding terms of an 
agreement, price, description of services and so forth. Data may also include volatile data 
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such as stock prices, interest rates, and auction bids, that may be relevant to a particular 
transaction. 

It will be appreciated that transaction capture systems such as those described 
above will have broad application in networked environments. The system may provide 
insurance in simple retail transactions, such as on-line purchases using a credit card. The 
system may also provide a platform for complex transactions such 'as home mortgages, 
home purchases, loans, insurance pohcy issuance and underwriting, and so on. However, 
it should further be appreciated that the system may be used in non-networked 
environments. For example, a group of papers relating to a transaction may be scanned, 
faxed, or otherwise converted to an electronic form and stored in the document repository 
for subsequent retrieval and examination. In addition, a combination of paper documents 
and on-line documents may be stored in the document repository, so that a transaction 
that includes paper-based and electronic components may be captured by the system. 

In another aspect, captured transactions may be reviewed using data mining 
techniques to investigate, for example, terms which caused potential buyers not to make a 
purchase, how long various pages of a multi-page transaction were viewed, exit points at 
which potential customers left a site, and so on. In such appUcations, the .full content 
displayed to a client device may be retrieved and reviewed for investigation. Enhanced 
accuracy of data may be realized because users of the system will be motivated to provide 
accurate information during the course of a transaction. Further, paper-based and 
electronic documents may be collectively mined for information. In addition, structured 
search techniques may be appUed to data of varying form, including, for example, 
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individual pages of faxes, e-mails, form data, and so forth. 

While the invention has been disclosed in connection with the preferred 
embodiments shown and described in detail, various modifications and improvements 
thereon will become readily apparent to those skilled in the art. Accordingly, the spirit 
and scope of the present invention is to be limited only by the following claims. 

What is claimed is 
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Claims 

1 . A transaction management system including a server, a software layer within the 
server, and a data repository, the software layer configured to capture data provided by 
the server and data provided to the server by a remote client and to store the captured data 
in the data repository, the data repository storing the captured data for subsequent 
retrieval and review. 
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Abstract 

The systems and methods described herein relate to a system for documenting 
electronic transactions. The system may store any docmnents or data associated with a 
transaction, including dynamic content and user selections and inputs. A do'curnent 
repository may be provided for storing unstructured data representing data, text, forms, 
and so forth presented to a party during a transaction. A viewer may be provided for 
displaying data stored in the document repository. 
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